Skip to content

Implement session endpoint to proxy build services requests

Francisco Javier López (ex-Gitlab) requested to merge fj-add-build-proxies into master

What does this MR do?

This MR introduces a new endpoint in the session like /proxy/buildOrService/port/requestedURI.

At the moment only the Kubernetes executor has been updated and only the basic version of the proxy (not the websocket capability).

This is an example of the current options in .gitlab-webide.yml:

terminal:
  image: 
    name: alpine:3.9
    ports:
      - 80
  services:
    - name: tomcat
      alias: tomcat
      ports:
        - number: 8080      
          protocol: http
    - name: tomcat
      alias: tomcat2
      ports:
        - number: 8080
          name: main_port
        - number: 8081
          name: secondary_port

The ports configuration can accept different options:

  • Only one port:
  ports:
    - 80
  • A hash. The accepts the keys: number, protocol and name.
  ports:
    - number: 8080
      protocol: http
      name: port_name
  • By default all services are protocol=http
  • Inside the same service, you can't have different ports pointing to the same port.
  • If there are more than one service you are forced to set a port name.
  • When the proxy endpoint is requested you can use either the number or the name version of the port.

Notes:

  • In order to proxy websockets connection to the service, it's necessary to update ci role and add services/proxy to the resources:
kind: Role
apiVersion: rbac.authorization.k8s.io/v1
metadata:
  namespace: default
  name: ci
rules:
- apiGroups: [""] # "" indicates the core API group
  resources: ["pods/exec", "services/proxy"]
  verbs: ["get", "create", "update"]
  • We need to enable the feature flag build_service_proxy in Rails: Feature.enable(:build_service_proxy)

Why was this MR needed?

Are there points in the code the reviewer needs to double check?

  • Rails branch: fj-5276-mirror-webide-changes-backup
  • Workhorse branch: fj-proxy-webide-services

My default .gitlab-webide.yml for testing is:

terminal:
  image: 
    name: alpine:3.9
    ports:
      - 80
  services:
    - name: tomcat
      alias: servicealias
      ports:
        - number: 8080      
          protocol: http

Does this MR meet the acceptance criteria?

  • Documentation created/updated
  • Added tests for this feature/bug
  • In case of conflicts with master - branch was rebased

What are the relevant issue numbers?

Refs https://gitlab.com/gitlab-org/gitlab-ee/issues/5276 Closes #3948 (closed)

Edited by Francisco Javier López (ex-Gitlab)

Merge request reports